Lucene search
Bob MatyasWPEX-ID:BDD2E323-D589-4050-BC27-5EDD2507A818HistoryJun 12, 2024 - 12:00 a.m.
WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
2024-06-1200:00:00
Bob Matyas
5
wpqa
csrf
vulnerability
exploit
june 26 2024
update
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
The PoC will be displayed on June 26, 2024, to give users the time to update.Related
wpvulndb
wpvulndb
WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
2024-06-12 00:00:00
6.8 Medium
AI Score
Confidence
Low
0 Low
EPSS
Percentile
0.0%
Related for WPEX-ID:BDD2E323-D589-4050-BC27-5EDD2507A818